Fedora Core 2: FEDORA-2004-530 Critical: MySQL Privilege Escalation

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a

client/server implementation consisting of a server daemon (mysqld)

and many different client programs and libraries. This package

contains the MySQL client programs, the client shared libraries, and

generic MySQL files.

- fix security issues CAN-2004-0835, CAN-2004-0836, CAN-2004-0837

(bugs #135372, 135375, 135387)

- fix privilege escalation on GRANT ALL ON `Foo\_Bar` (CAN-2004-0957)

- fix multilib problem with mysqlbug and mysql_config

- adjust chkconfig priority per bug #128852

- remove bogus quoting per bug #129409 (MySQL 4.0 has done likewise)

- add sleep to mysql.init restart(); may or may not fix bug #133993

- fix low-priority security issues CAN-2004-0388, CAN-2004-0381, CAN-2004-0457

(bugs #119442, 125991, 130347, 130348)

- fix bug with dropping databases under recent kernels (bug #124352)

631ed84a7379164d0fbfb92b69016285 SRPMS/mysql-3.23.58-9.1.src.rpm

4a0aec6e6dbe79edd30eb441c2f142d6 x86_64/mysql-3.23.58-9.1.x86_64.rpm

36dccd9a66e5cea5350dce364bcabd35 x86_64/mysql-server-3.23.58-9.1.x86_64.rpm

dd48b7d5690d051d53958613be03d995 x86_64/mysql-devel-3.23.58-9.1.x86_64.rpm

96805f6f4016ea429a61c9fd1b048f13 x86_64/mysql-bench-3.23.58-9.1.x86_64.rpm

6226ba82b2bdfe91c3b6b966340cb117 x86_64/debug/mysql-debuginfo-3.23.58-9.1.x86_64.rpm

643a2d1e297fc56c133e231b627ab9fa i386/mysql-3.23.58-9.1.i386.rpm

4dd68414fe1096b703f7f8e155ef227f i386/mysql-server-3.23.58-9.1.i386.rpm

09beb1f36eff820937e2a7193559b8d9 i386/mysql-devel-3.23.58-9.1.i386.rpm

63991ec7997909cddfa114d244353434 i386/mysql-bench-3.23.58-9.1.i386.rpm

8d992222d621e6259d4df98c242c9030 i386/debug/mysql-debuginfo-3.23.58-9.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com